Brave's file is detected by 14 av engines

Tiamati

Tiamati

Level 12
Thread author
Verified
Top Poster
Well-known
Nov 8, 2016
574
"Tor-0.3.5.8-win32-brave-1" (and older versions) has been a problem for Brave since it has been detected as PUA by Kaspersky at the beggining of the year. Now, 14 engines are detecting it, including TrendMicro, Microsoft and Panda.

It seems it was already reported for kaspersky as false positive, but they insisted it is a correct detection. Maybe they are right...
 
  • Like
  • +Reputation
  • Wow
Reactions: Mercenary, Stopspying, toto_10 and 6 others
B

BVLon

Tiamati said:
"Tor-0.3.5.8-win32-brave-1" (and older versions) has been a problem for Brave since it has been detected as PUA by Kaspersky at the beggining of the year. Now, 14 engines are detecting it, including TrendMicro, Microsoft and Panda.

It seems it was already reported for kaspersky as false positive, but they insisted it is a correct detection. Maybe they are right...
Click to expand...
Oh wow, tonight when I tested TM it didn't care to detect like 10/20 viruses, some of them ransomware, but they are very careful in putting Brave on blacklist. Norton doesn't detect anything.... It's less than 14, as ZoneAlarm for example is based on Kaspersky... Anyhow, you can always do an exclusion...
 
  • Like
  • HaHa
Reactions: Mercenary, toto_10, Nevi and 5 others
Tiamati

Tiamati

Level 12
Thread author
Verified
Top Poster
Well-known
Nov 8, 2016
574
BVLon said:
Oh wow, tonight when I tested TM it didn't care to detect like 10/20 viruses, some of them ransomware, but they are very careful in putting Brave on blacklist. Norton doesn't detect anything.... It's less than 14, as ZoneAlarm for example is based on Kaspersky... Anyhow, you can always do an exclusion...
Click to expand...
Yep, I could exclude it. Anyway, i'm concerned about brave as it's not good at all having so many av detecting part of it as pua. Furthermore, virustotal detected only 7 engines in January . Now, 2 months later, they are 14
 
  • Like
Reactions: Stopspying, toto_10, Jack and 1 other person
B

BVLon

Azure said:
Seems to be a long running issue

Kaspersky Support Forum

Kaspersky forum where Kaspersky product users and experts share tips, advice, help and solutions in your preferred language
forum.kaspersky.com forum.kaspersky.com
Click to expand...
i have forgotten the Kaspersky settings, or at least some of them, so forgive me for the question.
Is Kaspersky always removing low-risks automatically, without asking? If yes, that would be lame of them.

Hi, freedomfries, as well as your above post.

Thank you for this new information, yes Brave browser "auto updater" was the issue and is now is white-listed.

Quote:

To the individual who suggested to install a browser with "better reputation", Brave is developed by the founder of Mozilla.
Click to expand...
The above quote belongs to a Kaspersky community mod... 🤨
Seems like their staff is not really knowledgeable (not to say incompetent to a point of useless) and on top of that is inclined to get agitated, and rude...Like someone needs to know who the founder of Brave is... People literally can't sleep unless they find out. I think I should sign up there and teach them some discipline... I guarantee in a month half of them will step out of the forum :D
While their mod is clarifying who found Brave and arguing it is not on blacklist, we can all see it is suggested by Kaspersky for deletion... It makes them look a bit...funny.
 
Last edited by a moderator:
  • Like
Reactions: Venustus, toto_10, Nevi and 2 others
Tiamati

Tiamati

Level 12
Thread author
Verified
Top Poster
Well-known
Nov 8, 2016
574
BVLon said:
Is Kaspersky always removing low-risks automatically, without asking?
Click to expand...
No, they ask you to process it, and if you do, it's automatically excluded. But you can add to exclusion list before that...

Azure said:
Seems to be a long running issue
Click to expand...

I guess kaspersky doesn't like someone in brave develop team. Wtf... they were marking Brave as trojan in 2018????? And how about the way they managed the problem?

Initially the (Kaspersky "experts") did replicate the issue, a subsequent test they (the Kaspersky "experts") didn’t replicate the issue therefore, they (the Kaspersky "experts" concluded that its(sic) seems the issue is resolved)

NO, the issue: “[KTS19(d)] detecting Brave Installer as malware: PDM:Trojan.Win32.Generic”,is NOT resolved , as all [Brave/Kaspersky] users affected by this issue know only too well.

They (Kaspersky Lab Technical Support) frequently "mis-speak", make dubious conclusions and appear oblivious to & unconcerned about/by the consequences to Kaspersky Customers.

& of course, because their test methodology is highly suspect & they deny there’s an issue, it’s up to us [Brave/Kaspersky] users, to prove it to them again! Even when we do provide dna proof they engage in the same ground-hog-day-merry-go-round, "there's nothing wrong with Kaspersky sfw, it's due to you/Brave/G_d", anything but K sfw
:(
:blink:
:wacko:


Malawarebytes fixed detecting [Brave Installer as malware: PDM:Trojan.Win32.Generic] in 1 (ONE) day, BECAUSE they totally knew it was/is a false positive...

Wonder how long it will take Kaspersky to "twig"?

Back to the drawing board....
Click to expand...

Removed from here

===
And now they decided to put another file from Brave in their malware list and refuse to remove it...
 
  • Like
Reactions: Venustus, Stopspying, toto_10 and 3 others
B

BVLon

Tiamati said:
No, they ask you to process it, and if you do, it's automatically excluded. But you can add to exclusion list before that...



I guess kaspersky doesn't like someone in brave develop team. Wtf... they were marking Brave as trojan in 2018????? And how about the way they managed the problem?



Removed from here

===
And now they decided to put another file from Brave in their malware list and refuse to remove it...
Click to expand...
What do I care about the "experts" conclusions... you don't need to be a professor with Phd to see that on VT, Kaspersky has flagged the software as potentially unwanted...
From what I read, it seems to me that a cycle repeats again and again and this cycle is:

1.) Version of Brave gets released:
2.) Everyone on their...if I can call it a forum, it's more like a jury, since everyone seems to be judgemental, same time incompetent and dumb... so everyone on this forum cries out.
3.) Request gets submitted to Kaspersky to whitelist the software, which they do... current version
4.) And then, back to one.
 
  • Like
Reactions: Venustus, toto_10, Tiamati and 2 others
Nightwalker

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
Kaspersky is correctly detecting Brave's Tor component as Not-a-virus:NetTool.Win32.TorTool.bdd and it isnt automaticaly removing it, actualy it will just display a yellow warning and ask for your decision.

Personally I think Kaspersky approach is optimal, Tor components can be abused by malware, but if you trust the file just exclude it, problem solved.

What I really dont like is how some antivirus vendors copycat Kaspersky detections, they will blind add anything that Kaspersky detects at VirusTotal, this is well documented and I have tested it myself:

thenextweb.com

Kaspersky Antivirus accused of creating fake malware for over 10 years

Here’s a crazy report: Kaspersky Lab, makers of a popular antivirus service, might have created fake malware for over ten years to harm its competitors. The software was benign, but Kaspersky fooled other antivirus software into marking it
thenextweb.com thenextweb.com

About the PDM:Trojan.Win32.Generic detection, thats no good, but I have been using Kaspersky + Brave for a long time and never had anything detected (except for Tor component).
 
Last edited:
  • Like
  • +Reputation
  • Applause
Reactions: Venustus, brambedkar59, bribon77 and 12 others
B

BVLon

Nightwalker said:
Kaspersky is correctly detecting Brave's Tor component as Not-a-virus:NetTool.Win32.TorTool.bdd and it isnt automaticaly removing it, actualy it will just display a yellow warning and ask for your decision.

Personally I think Kaspersky approach is optimal, Tor components can be abused by malware, but if you trust the file just exclude it, problem solved.

What I really dont like is how some antivirus vendors copycat Kaspersky detections, they will blind add anything that Kaspersky detects at VirusTotal.

About the PDM:Trojan.Win32.Generic detection, thats no good, but I have been using Kaspersky + Brave for a long time and never had anything detected (except for Tor component).
Click to expand...
Yeah, I saw Antity-AL detects it as
RiskWare[NetTool]/Win32.TorTool
They even copied the name... I don't like their rude support, detection is fine.
 
  • Like
Reactions: DDE_Server, Tiamati, Nightwalker and 2 others
Burrito

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
BVLon said:
What do I care about the "experts" conclusions... you don't need to be a professor with Phd to see that on VT, Kaspersky has flagged the software as potentially unwanted...
From what I read, it seems to me that a cycle repeats again and again and this cycle is:

1.) Version of Brave gets released:
2.) Everyone on their...if I can call it a forum, it's more like a jury, since everyone seems to be judgemental, same time incompetent and dumb... so everyone on this forum cries out.
3.) Request gets submitted to Kaspersky to whitelist the software, which they do... current version
4.) And then, back to one.
Click to expand...

No way.

That's way too logical.

I think we need to get our pitchforks and torches and head over to oldschool's house.

1583462297962.png
1583462335636.png


He's the one who got a lot of us to try Brave.

We'll make him clean up our computers.... and give us a few beers.

And then we'll mess up his full head of hair.

That'll teach him... :D


1583462507764.png
 
  • HaHa
  • Like
Reactions: Venustus, brambedkar59, Stopspying and 12 others
B

BVLon

Burrito said:
No way.

That's way too logical.

I think we need to get our pitchforks and torches and head over to oldschool's house.

View attachment 234459 View attachment 234460

He's the one who got a lot of us to try Brave.

We'll make him clean up our computers.... and give us a few beers.

And then we'll mess up his full head of hair.

That'll teach him... :D


View attachment 234461
Click to expand...
He might call Kaspersky forum mods... they will give you some good discipline... you don't know who the Brave founder is.. I don't know why you are living. Kaspersky support will punish all of you now. Next time before you seek support from Kaspersky (you, the user who makes their salaries), make sure you've studied your lesson. Before you ask them to whitelist an app, you have to write an essay and mention who the founder of the app is, how the detection made you feel... beware how you behave on Kaspersky forum.
 
  • HaHa
  • Like
Reactions: Venustus, [correlate], DDE_Server and 2 others
blackice

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,781
  • Like
  • HaHa
Reactions: Venustus, toto_10, Burrito and 9 others
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
It's always helpful to include or point to the actual download source. Personal I managed to search, scroll and click way too much on both Braves site and their Github page and still haven't got any closer to the " Tor Brave " file. Also reading the shared links, just confuse even more as for example Braves main browser for Windows dosen't get flagged.

I'm actually curious, but I need help where the file "Tor-0.3.5.8-win32-brave-1" is and can be downloaded. Thanks. (y)
 
  • Like
Reactions: Venustus, Protomartyr, blackice and 5 others

Similar threads

P
  • Locked
Solved This is not detected by Kaspersky for some strange reason...
Replies
35
Views
1,883
Kaspersky
harlan4096
harlan4096
CyberTech
    • Like
    • +Reputation
Critical WebP bug: many apps, not just browsers, under threat
Replies
1
Views
1,539
News Archive
Andy Ful
Andy Ful
silversurfer
    • Like
    • +Reputation
New Update Bitwarden rolls out a fix for high CPU and memory usage in its Edge extension
Replies
0
Views
588
Web Extensions
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top